Data Security Posture Management: Essential for Cloud Oversight Yet Lacking Control Measures

Standalone Data Security Posture Management (DSPM) solutions are urged to evolve beyond merely providing visibility into cloud environments to include security controls and policy enforcement. This shift is crucial to prevent their obsolescence in the face of comprehensive security platforms that consolidate multiple functionalities.
As highlighted by Forrester Principal Analyst Heidi Shey, the demand for DSPM surged during 2020 and 2021 as organizations sought tools to identify, categorize, and mitigate risks related to sensitive data stored in the cloud. However, the early DSPM offerings focused predominantly on visibility rather than enforcement. Although they could identify vulnerabilities, Shey explains that they failed to take requisite actions in securing that data.
By 2023, it became evident that the DSPM market was rapidly consolidating as companies expressed disinterest in adopting additional standalone security solutions that required manual interventions for integration. The answer, as Shey notes, lies in the development or acquisition of an integrated data security platform that brings together DSPM, data loss prevention (DLP), and access governance capabilities, thereby enhancing overall security.
Prominent cybersecurity companies have been acquiring DSPM startups to augment their capabilities. This consolidation trend has intensified, with established technology vendors, including IBM, Rubrik, and Palo Alto Networks, acquiring seven DSPM startups since May 2023. As a result, Cyera has emerged as the largest independent DSPM organization, with a valuation of $3 billion after securing $600 million in funding and acquiring the DLP startup Trail.
Rubrik’s Chief Product Officer Anneka Gupta noted that recent breaches have left affected organizations scrambling to ascertain what sensitive data was compromised. The integration of DSPM into existing security frameworks is poised to provide organizations with the insights needed to respond more effectively during such crises.
The landscape for DSPM is evolving, prompted by the proliferation of unchecked sensitive data across cloud services and applications. Shey emphasizes that these circumstances have compelled businesses to seek automated solutions for data discovery and risk analysis, which align security protocols more closely with the nuanced operational realities of cloud environments.
The transition from standalone DSPM solutions to integrated platforms is also shifting priorities for security teams. As DSPM becomes more intertwined with DLP, classifications are becoming more accurate and aligned with organizational security policies. Notably, the integration of DSPM and DLP is essential for mitigating the challenges associated with false positives, streamlining policy enforcement, and enhancing overall data governance.
The increasing market interest in DSPM solutions signifies not just a demand for visibility and compliance but also a strategic move towards a more holistic approach to data protection. As organizations leverage DSPM within larger security frameworks, they are better positioned to face dynamic threats effectively while navigating the complexities of cloud environments and AI-driven applications, which present unique challenges in terms of data handling and privacy management.
Amid this rapid evolution, the MITRE ATT&CK framework serves as a critical lens through which businesses can analyze potential tactics and techniques that adversaries may employ. This includes initial access, persistence, and privilege escalation, enabling organizations to fortify their defenses in an increasingly complex threat landscape. The urgency to develop robust DSPM capabilities has never been higher, underscoring the necessity for businesses to remain vigilant and proactive.